# BBX.Log.Analyzer.Alpha.config.pl.v.1.3
# May 07, 2009
#
#
# All default values are off. To turn on any option, uncomment it.
#
# Daily log, (sent to email)
$securityLog = '/home/ecastmyhome/www/cgi-bin/security.log';
$dailyLog = '/home/ecastmyhome/www/cgi-bin/daily.log';
#$maillog = 'maillog.dat';

# If you want to erase all dat files after the program runs, turn this on.
#$cleanDat = 1;

# Report Directroy
# This is the directory that all the html and php files go
# NOTE: This is a required setting.

$reportDir = "/home/ecastmyhome/www/admin/reports/";

# MySql Username and Password
# This script will create all databases and tables for you.
# If you wish to create your own database, comment the next four lines.
# Notice: This script will not work without access to a database.
$mysqlRootUsername = 'root';
$mysqlRootPassword = 'kidk.843.SFRT';
$mysqlRootDatabase = 'localhost';
$mysqlRoot = 1;

# Database name and creditials
$mysqlDatabase = 'massemail';
$mysqlUsername = 'massemail';
$mysqlPassword = 'oisd.912.ASED';

# Domain and email for reports
$domain = 'ecastmyhome.com';
$adminEmail = 'filminfool@yahoo.com';

# Enable or disable modules here. Default is off, uncomment to enable.
$periodicReportsParser = 1;
  $emailMod = 1;
  $intrusionMod = 1;
  #$userMod = 1;

#$lierReports = 1;
  #
  #
#$maillog = 1;
  #
  #

# What do you want to scan for in the daily periodic email?
# Adding values here will create a table in the DB and populate it.
@dailyLogErrors = (
   ['connectionRefused',
   'm/Connection refused\)/',
   '1800',
   'Connection Refused',
   'Removed from active contacts.',
   'recomm'],

   ['operationTimedOut',
   'm/Operation timed out/',
   '1801',
   'Operation Timed Out',
   'Removed from active contacts.',
   'Probably a bad email address.'],

   ['tempProblemTryLater',
   'm/451 Temporary local problem - please try later/',
   '1802',
   '451 Temporary local problem - please try later',
   'Moved to operationTimedOut table and removed from active contacts.',
   'recomm'],

   ['permissionDenied',
   'm/Permission denied/',
   '1803',
   'Permission denied',
   'Moved to operationTimedOut table and removed from active contacts.',
   'recomm'],

   ['assignRequestedAddress',
   'm/assign requested address/',
   '1804',
   'assign requested address',
   'Moved to operationTimedOut table and removed from active contacts.',
   'recomm'],

   ['verizonAntiSpam',
   'm/refused to talk to me.*Verizon/',
   '1805',
   'refused to talk to me Verizon',
   'Moved to operationTimedOut table and removed from active contacts.',
   'recomm'],

   ['domainNotFound',
   'm/Host or domain name not found\. Name service error/',
   '1806',
   'Host or domain name not found Name service error',
   'Moved to operationTimedOut table and removed from active contacts.',
   'recomm'],

   ['openDirFailed',
   'm/421 opendir\(\) failed/',
   '1807',
   '421 opendir failed',
   'Moved to operationTimedOut table and removed from active contacts.',
   'recomm'],

   ['userComplaints',
   'm/refused to talk to me: 421 Temporarily deferred.*due to user complaints/',
   '1808',
   'refused to talk to me: 421 Temporarily deferred. due to user complaints',
   'Moved to operationTimedOut table and removed from active contacts.',
   'recomm']
 );
 
 
# What do you want to scan for in the security periodic email?
# Adding values here will create a table in the DB and populate it.

 @securityLogErrors = (
   ['sshIllegalUser',
   qr/sshd\[\d+\]:\s*error:\s*PAM:\s*authentication error for illegal user.*from\s*(\S+)/,
   '2500',
   'sshd[71522]: error: PAM: authentication error for illegal user',
   'Blocked User.',
   'None.'],
   
   ['sshIllegalUser',
   qr/sshd\[\d+\]:\s*error:\s*PAM:\s*authentication error for illegal user.*from\s*(\S+)/,
   '2500',
   'sshd[71522]: error: PAM: authentication error for illegal user',
   'Blocked User.',
   'None.']
 );
 
 
# 
# sub handle_sshIllegalUser
#{
#  if ($_[0] =~ /sshd\[\d+\]:\s*error:\s*PAM:\s*authentication error for illegal user.*from\s*(\S+)/)
#  {
#    do_something_with($1);
#  }
#}
#
#@securityLogErrors = (
#   ['sshIllegalUser',
#   qr/sshd\[\d+\]:\s*error:\s*PAM:\s*authentication error for illegal user.*from\s*(\S+)/,
#   '2500',
#   'sshd[71522]: error: PAM: authentication error for illegal user',
#   'Blocked User.',
#   'None.'],
#   
#   ['sshIllegalUser',
#   \&handle_sshIllegalUser,
#   '2500',
#   'sshd[71522]: error: PAM: authentication error for illegal user',
#   'Blocked User.',
#   'None.']
# );
#
#
#...
#{
#  while (<>) {
#     $handle=$e->[1];
#     $handle($_);
#  }
#
#}